package com.meeting.y.interceptor;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.kit.Ret;
import com.jfinal.weixin.sdk.api.ApiConfigKit;
import com.jfinal.weixin.sdk.api.ApiResult;
import com.jfinal.weixin.sdk.cache.IAccessTokenCache;
import com.meeting.y.model.AuthUser;
import com.meeting.y.model.WechatUser;
import com.meeting.y.util.StringUtil;
import com.meeting.y.util.TimeUtil;

import javax.servlet.http.HttpSession;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

public class CurrentUserInterceptor implements Interceptor {

    public void intercept(Invocation inv) {
        String [] whiltlist = new String[]{"/api/wechat/user/info"
                ,"/api/wechat/login"
                ,"/wxa/user/login"
                ,"/wxa/user/info"
        };
        if(Arrays.asList(whiltlist).contains(inv.getActionKey())){
            inv.invoke();
            return;
        }
        String sessionId =  inv.getController().getCookie("wxa-sessionid");
        String alladmin =  inv.getController().getCookie("alladmin");
        if(!StringUtil.isStrEmpty(sessionId)){
            IAccessTokenCache accessTokenCache = ApiConfigKit.getAccessTokenCache();
            if(accessTokenCache.get("wxa:session:" + sessionId) == null){
                Ret result=  Ret.fail().set("code",10001).set("message","请登录");
                inv.getController().renderJson(result);
                return;
            }
            String session_key = ApiResult.create(accessTokenCache.get("wxa:session:" + sessionId)).getStr("session_key");
            WechatUser wechatUser = WechatUser.dao.findWechatuserBySessionKey(session_key);
            if(wechatUser != null){
                inv.getController().getRequest().setAttribute("userid",wechatUser.getId());
                if(wechatUser.getRelaUserId() != null){
                    inv.getController().getRequest().setAttribute("relauserid",wechatUser.getRelaUserId());
                    String role = AuthUser.dao.findById(wechatUser.getRelaUserId()).getRole();
                    inv.getController().getRequest().setAttribute("role",role);
                    if("1".equals(alladmin)){
                    }else {//没开启 全局 则设置sql
                        inv.getController().getRequest().setAttribute("rightsql",getRightSql(role,wechatUser.getRelaUserId()));
                    }
                }
            }
        }
        inv.invoke();
    }

    public String getRightSql(String role,Integer relaid){
        String _sql = "";
        if("管理员".equals(role)){
            _sql = "";
        }else if("老师".equals(role)){
            _sql = " and mm.id in (select meeting_id from meetings_meetingattendee" +
                    " where user_id = "+relaid+" and delete_status=0)";
        }else {//默认学生权限
            _sql = " and mm.id in (select meeting_id from meetings_meetingattendee" +
                    " where user_id = "+relaid+" and delete_status=0)";
        }
        return _sql;
    }
}
